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1 . The applicant is hereby notified that this International Preliminary Examining Authority transmits herewith the 
international preliminary examination report and its annexes, if any, established on the international 
application. 



2. A copy of the report and its annexes, if any, Is being transmitted to the International Bureau for 
communication to all the elected Offices. 



3. Where required by any of the elected Offices, the International Bureau will prepare an English translation of 
the report (but not of any annexes) and will transmit such translation to those Offices. 



4. REMINDER 

The applicant must enter the national phase before each elected Office by performing certain acts (filing 
translations and paying national fees) within 30 months from the priority date (or later in some Offices) 
(Article 39(1)) (see also the reminder sent by the International Bureau with Form PCT/IB/301). 

Where a translation of the international application must be furnished to an elected Office, that translation 

must contain a translation of any annexes to the international preliminary examination report. It is the 
applicant's responsibility to prepare and furnish such translation directly to each elected Office concerned. 

For further details on the applicable time limits and requirements of the elected Offices, see Volume II of the 
PCT Applicant's Guide. 

The applicant's attention is drawn to Article 33(5), which provides that the criteria of novelty, inventive step 
and industrial applicability described in Article 33(2) to (4) merely serve the purposes of international 
preliminary examination and that "any Contracting State may apply additional or different criteria for the 
purposes of deciding whether, in that State, the claimed inventions is patentable or not" (see also Article 
27(5)). Such additional criteria may relate, for example, to exemptions from patentability, requirements for 
enabling disclosure, clarity and support for the claims. 
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International application No. 
PCTyEP 03y01474 


International filing date (dayAnonth^ear) 
14.02,2003 


Priority date (dayAnonth^ear) 
08.03.2002 



Intemational Patent Classification (IPC) or both national classification and IPC 
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Applicant 
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1 . This international preliminary examination report has been prepared by this International Preliminary Examining 
Authority and is transmitted to the applicant according to Article 36. 



2. This REPORT consists of a total of 5 sheets, including this cover sheet. 



^ This report is also accompanied by ANNEXES, i.e. sheets of the description, claims andADr drawings which have 
been amended and are the basis for this report and/br sheets containing rectifications made before this Authority 
(see Rule 70.16 and Section 607 of the Administrative Instructions under the PCT). 

These annexes consist of a total of 8 sheets. 



This report contains indications relating to the following items: 



I 



II 


□ 


III 


□ 


IV 


□ 


V 




VI 


□ 


VII 


□ 


VIII 


□ 



Basis of the opinion 
Priority 

Non-establishment of opinion with regard to novelty, inventive step and Industrial applicability 

Lack of unity of invention 

Reasoned statement under Rule 66.2(a)(ii) with regard to novelty, inventive step or industrial applicability; 
citations and explanations supporting such statement 

Certain documents cited 

Certain defects in the international application 

Certain observations on the international application 



Date of submission of the demand 
01.10.2003 


Date of completion of this report 
30.03.2004 


Name and mailing address of the intemational 
preliminary examining authority: 

European Patent Office 

^ D-80298 Munich 

MiJ Tel. +49 89 2399 - 0 Tx: 523656 epmu d 
^ Fax: +49 89 2399 - 4465 


Authorized Officer 

Fantacone, V 1 / 

Telephone No. +49 89 2399-7222 



Form PCT/IPEA/409 (Cover Sheet) (January 2004) 



INTERNATIONAL PRELIMINARY 
EXAMINATION REPORT 



International application No. PCT/EP 03/01474 



I. Basis of the report 

1 . With regard to the elements of the international application (Replacement sheets which have been furnished to 
the receiving Office in response to an invitation under Article 14 are referred to in this report as "originally filed" 
and are not annexed to this report since they do not contain amendments (Rules 70. 16 and 70. 1 7)J: 

Description, Pages 



1-15 as originally filed 

1 5a received on 20.02.2004 with letter of 20.02.2004 
Claims, Numbers 

1 -45 received on 20.02.2004 with letter of 20.02.2004 
Drawings, Sheets 

^/5-5/5 as originally filed 



2. With regard to the language, all the elements marked above were available or furnished to this Authority in the 
language in which the international application was filed, unless otherwise indicated under this item. 

These elements were available or furnished to this Authority in the following language: , which is: 

□ the language of a translation furnished for the purposes of the international search (under Rule 23.1 (b)). 

□ the language of publication of the international application (under Rule 48.3(b)). 

□ the language of a translation furnished for the purposes of international preliminary examination (under 
Rule 55.2 and/or 55.3). 

3. With regard to any nucleotide and/or amino acid sequence disclosed in the international application, the 
international preliminary examination was carried out on the basis of the sequence listing: 

□ contained in the international application in written form. 

□ filed together with the international application in computer readable form. 

□ furnished subsequently to this Authority in written form. 

□ furnished subsequently to this Authority in computer readable form. 

□ The statement that the subsequently furnished written sequence listing does not go beyond the disclosure 
in the International application as filed has been furnished. 

□ The statement that the information recorded in computer readable form is identical to the written sequence 
listing has been furnished. 

4. The amendments have resulted in the cancellation of: 

□ the description. pages: 

□ the claims, Nos.: 

□ the drawings. sheets: 
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INTERNATIONAL PRELIMINARY 
EXAMINATION REPORT 



International application No. PCT/EP 03/01 474 



5. S This report has been established as if (some of) the amendments had not been made, since they have 

been considered to go beyond the disclosure as filed (Rule 70.2(c)). 

V- 

(Any replacement sheet containing such amendments must be referred to under item 1 and annexed to this 
report.) 

see separate sheet 

6. Additional observations, if necessary: 

V. Reasoned statement under Article 35(2) with regard to novelty, inventive step or industrial applicability; 
citations and explanations supporting such statement 

1. Statement 

Novelty (N) Yes: Claims 

No: Claims 1-45 

Inventive step (IS) Yes: Claims 

No: Claims 1 -45 

Industrial applicability (lA) Yes: Claims 1-45 

No: Claims 

2. Citations and explanations 
see separate sheet 
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INTERNATIONAL PRELIMINARY International application No. PCT/EP03/01 474 
EXAMINATION REPORT - SEPARATE SHEET 



Section I 

1 . The annendennent made to dependent claims 10 and 1 1 extends the scope of the 
invention for which protection is sought beyond the content of the application jas 
originally filed, contrary to Article 34 (2)(b) PCT. This relate in particular to the 
deleted feature "...in the data string of the message...", as this feature seems to 
be essential for carrying out the method claimed and said claims without said 
feature are not supported by an embodiment. 

Section V 

2. The following documents are referred to in this communication. Their numbering 
will be adhered to in the rest of the procedure: 

D1:XP 002 217 356 

D2: SyncML Device Management Security, Version 1 .1 , 2000-12-07 

2.1 Document D1 (see in particular the passages cited in the Search Report) 
discloses, according to all features of claim 1 , a method for providing 
authentication (see page 20, line 1 to page 24, line 20) when messages are sent 
between an electronic communication apparatus (see "mobile phone" in page 7, 
lines 20-22) and a server (see "server" in page 7, lines 20-22) according to a 
synchronization protocol (SyncML), characterized in that: 

an authentication method indicator (see XML Tag "type" on page 21 , line 29- 
52; page 13, lines 37-40) is incorporated in an authentication protocol of the 
synchronization protocol (SyncML), wherein said authentication method indicator 
specifies an authentication method, which is determined based oiian 
authentication capability of the apparatus (see inplicitly with "device caBabjJitJ.es''. 
on section 2.7; "authentication information" on section 4.1, lines 3-4; "auth-basic" 
on section 4.1 .1 , line 11), according to which the authentication is executed (see 
page 20, line 1 to page 24, line 20). 
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INTERNATIONAL PRELIMINARY International application No. PCT/EP03/01 474 
EXAMINATION REPORT - SEPARATE SHEET 



The subject-matter of claim 1 therefore is not new, Articles 33(1) and (2) PCT. 

2.2 The same consideration as made in above paragraph 1.1 regarding claim 1 are 
also valid for independent claims 18 and 34 since they include the same feature 
combination as claim 1 in terms of apparatus claims which are directed to an 
electronic communication apparatus and, respectively, a server. 

The subject-matter of independent claims 18 and 34 therefore is not new. Articles 
33(1) and (2) PCT. 

3. Remarks concerning formal defects in the international application: 

In order to meet the requirements of Rule 5.1 (a) (ii) PCT, the most relevant prior 
art, i.e. the documents D1 and D2 should have been acknowledged by reference 
and briefly discussed in the introductory part of the description, preferably in such 
a way that the inventive merit of what is claimed can be readily understood. 

Moreover, the Applicant's attention is drawn to the fact that, as a consequence of 
Rule 66.8(a) PCT the examiner is not permitted to carry out any amendments 
under the PCT procedure, however minor these may be. 
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Abbreviations 

SyncML-DM 

SyncML-DS 

SHA-1 

Obex 

http 

WSP 



SyncML Pevice Management 

SyncML Data Sync ronizat ion 

Secure Hash Standard 1 

Object Exchange protocol 

Hyper Text Transfer Protocol 
WAP SsBsion Protocol 
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CLAIMS 

V- 

1. A method for providing authentiication when 
messages are sent between an electronic communication 

5 apparatus (1) and a server (3, 41, 51, Gl) according to a 
synchronization protocol, characterised in that an 
authentication method indicator (AMI) is incorporated in an 
authentication protocol of the synchronization protocol, 
wherein said AMI specifies an authentication method, which 
10 is deteirmined based on an authentication capability of the 
apparatus (1) , according to which the authentication ia to 
be executed. 

2. The method according to claim 1, wherein the AMI is 
15 incorporated in a met a command of the synchronization 

protocol . 

3 . The method according to claim 1 or 2 , wherein at 
least one authentication capability of the electronic 

20 communication apparatus is indicated in an authentication 
method list of an initialisation message sent to the server 
(31, 41, 51, . 61) for estaJblishing a connection. 

4. The method according to any of the previous 

25 claims, wherein any authentication data relating to the 
specified authentication method is incorporated in a data 
string of the synchronization protocol. 

5 . The method according to any of the previous 

30 claims, wherein the specified authentication method is GSM 
SIM authentication, 

S. The method according to any of the claims 1-4^ 
wherein the specified authentication method is UMTS USIM 
35 authentication, which also provides seirver authentication. 
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7. The method according to any of the claims 1-4, 
wherein the specified authentication method is WPKI or WIM I 
aut hent i cat ion . 

5 a. The method according to any of the claims 1-4, 

wherein the specified authentication method is Secuxeld or 
SafeWord authentication. 

9. The method according to any of the claims 3-7, 
10 wherein the server (31^ 41, 51, 61) determines the 

authentication capabilities of the electronic communication 
apparatus (1) baaed on the at least one authentication 
method listed in the authentication method list. 

15 10. The method according to claim 9, wherein the 

server (31, 41, 51, 61) executes any necessary 
authentication steps according to one of the at least one 
authentication methods indicated in the authentication 
method list, and prepares and transmits a message to the 

20 electronic communication apparatus (1) , comprising the AMI 
and any authentication data relating to the specified 
authentication method. 

11. The method according to claim 10, wherein tbe 
25 electronic communication apparatus (1) receives the 

message, executes any necessary authentication steps 
according to the authentication method indicated by the AMI 
to generate an e^ipected result, and prepares and transmits 
a response to the seirver, comprising the AMI, and any 
30 authentication data* 

12. The method according to any of the claims 1-S and 
9-11, wherein integrity protection is provided by utilizing 
CKs/IKs (cipher keys /integrity keys) generated by the 

35 electronic communication apparatus (1) and the server (31, 
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41, 51, 61), respectively, when SIM/USIM authentication is 
executed, which CK/IK is used for generating MAC values andt 
using a hashing function for computing a HMAC on a message 
to be sent . 

5 

13. The method according to any of the claims 7 or 9- 
11, wherein integrity protection is provided in that the 
server generates a integrity key, which is encrypted with 
the public key of the electronic communication apparatus 

10 (1) , which is generated during the authentication 

procedure, said integrity key is sent to said apparatus 
CD , and utilized for genera.ting MAC values and using a 
hashing function for computing a HMAC on a message to be 
sent . 

15 

14. The method according to claim 12 or 13, wherein 
the MAC value is confuted as per RFC2104- 

15- The method according to any of the claims 12-14, 
20 wherein the method utilizes SHA-1 as the hashing function. 

15. The method according to any of the previous 
claims, wherein the protocol is the SyncML-DM protocol or 
the SyncMIj-DS protocol - 

25 

17 . The method according to any of the previous 
claims, wherein the protocol is the Obex, http, or WSP 
protocol . 

30 18. An electronic communication apparatus (1) adapted 

to provide authentication when messages are exchanged with 
a server according to a synchronization protocol, 
characterized in. that the apparatus is further adapted to 
incorporate an authentication method indicator (AMI) in an 

35 authentication protocol of the synchronization protocol for 
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generating a MAC, and utilizing a hashing fiinction for 
cainputing a HMAC on a message to be sent . 

25 . The apparatus according to claim 24 , wherein the 
apparatus (l) is adapted to compute the MAC value as per 
RFC2104. 



10 



26- The apparatus according to claini 24 or 25, 
wherein the apparatus (1) is further adapted to utilize 
SHA-1 as the hashing function. 



15 



27. The apparatus according to any of the claims 18- 

25, wherein the protocol is the SyncML-DM protocol or the 
SyncML-DS protocol - 

28. The apparatus according to any of the claims 18- 

26, wherein the protocol is the Obex, http, or WSP 
protocol . 



20 29. The apparatus according to any of the claims 18- 

28, wherein the apparatus (1) is further adapted to utilize 
GSM SIM authentication as the authentication method. 

30- The apparatus according to any of the claims 18- 
25 28, wherein the apparatus (1) is adapted to utilize UMTS 
USIM authentication as the authentication method and 
provide server authentication. 

31. The apparatus according to any of the claims 18- 
30 28, wherein apparatus (1) is fxirther adapted to utilize 
Secureld^ SafeWord, WPKI or WIM authentication as the 
authentication method. 
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32, The apparatus according to any of the claims 18- 
31, wherein the apparatus is a pager, an electronic I 
organizer, or a smartphone, 

5 33. The apparatus according to any of the claims 18- 

31, wherein the apparatus is a mobile telephone CD . 



34, A server adapted to provide authentication when 
mesBsiges are exchanged with an apparatus (1) according to a 
synchronization protocol^ characterized in that the server 
(31;. 41, 51, Gl) is further adapted to incorporate an 
authentication method indicator (AMI) in coi authentication 
protocol of the synchronization protocol for indicating an 
authentication method, which is determined based on an 
authentication capability of the apparatus (1) , according 
to which the authentication is to be executed. 



10 



15 



20 



25 



35. The server according to claim 34, wherein the 
server (31, 41, '51, 61) is further adapted to incorporate 
any authentication data in a data string of the 
synchronization protocol, 

36. The server according to claim 34 or 35, wherein 
the server (31^ 41, 51, 61) is further adapted to determine 
from a received initialization message authentication 
capabilities of the apparatus (1) and further determine a 
specific authentication method to utilize therefrom, 

37. The server according to claim 36, wherein the 
server (31, 41, 51, 61) is further adapted to execute 
authentication according to the determined authentication 
method . 



38, The server according to any of the claims 34-37, 
35 wherein the server (31, 41, 51, 61) is further adapted to 



30 
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provide integrity protection by utilizing an IK (integrity 
key) for generating a MAC, and utilizing a hashing function- 
for computing a HMAC, 

5 39, The server according to claim 38, wherein the 

server (31, 41, 51, 61) is adapted to derive the MAC value 
as per RFC2ia4. 

40. The server according to claim 38 or 39^ wherein 
10 the server (31, 41, 51, Gl) is further adapted to utilize 

SHA-1 as the hashing function. 

41. The server according to any of the claims 34-40, 
wherein the protocol is the SyncML-DM protocol or the 

15 SyncML-DS protocol - 

42. The server according to any of the claims 34-41, 
wherein the protocol is the obex, http, or WSP protocol. 

20 43. The server according to any of the claims 34-42, 

wherein the server (31, 41, 51, 61) is further adapted to 
utilize GSM SIM authentication as the authentication 
method- 

25 44. The server according to any of the claims 34-42, 

wherein the server {31, 41, 51, 61) is further adapted to 
utilize UMTS USIM aiathentication as the authentication 
method and provide server authentication variable to an 
electronic user ecjuipment (1) - 



45- The server according to any of the claims 34-42, 
wherein server is further adapted to utilize Secureld, 
SafeWord, WPKI or WIM authentication as the authentication 
method- 
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